System hacked warning alert on notebook (Laptop). Cyber attack on computer network, Virus, Spyware, Malware or Malicious software. Cyber security and cybercrime. Compromised information internet.
An independent audit conducted by the HM Inspectorate of Constabulary and Fire & Rescue Services (HMICFRS) has revealed significant deficiencies in the IT infrastructure of the National Crime Agency (NCA). The report indicates that nearly 80% of the NCA’s IT budget is allocated to maintaining outdated legacy systems, raising concerns about the agency’s operational efficiency and data management capabilities.
Concerns Over Outdated Systems
The audit highlights that many of the NCA’s IT systems are “outdated and unfit for purpose.” This situation has resulted in a heavy reliance on legacy systems, which have accumulated what the report terms as “technical debt.” The NCA has focused on quick fixes rather than implementing comprehensive long-term solutions. Such reliance is problematic, especially considering the sensitive nature of the data managed by the agency.
Furthermore, the report points out the NCA’s inadequate management of bulk datasets. Currently, there are no datasets from any regional organized crime units, nor are there plans in place for the NCA to conduct bulk analysis of data from the planned Law Enforcement Data Service, which is set to replace the Police National Computer by 2026.
Challenges of Cloud Adoption
Another critical issue identified is the NCA’s slow adoption of cloud-based technology. The report states, “The NCA has also been slow to fully embrace the benefits of cloud-based technology,” leading to practical challenges. Personnel are unable to transfer data automatically between systems that operate on different security tiers of the Government Security Classifications Policy, hampering operational efficiency.
The audit also revealed a staggering 260 legacy systems still in use. This has resulted in elevated maintenance costs, limited functionality, and compatibility issues with other internal systems. The reliance on outdated technology has necessitated additional training for new personnel, further straining resources.
To address these challenges, the report concludes with nine recommendations, including a comprehensive ten-year strategy for replacing legacy IT systems. The recommendations also emphasize the need for a plan to facilitate bulk data analysis of the Law Enforcement Data Service dataset and to adopt the government’s Digital and Data Profession Capability Framework.
NCA Director General Graeme Biggar responded to the findings, stating, “We are taking extensive action on areas identified in the report’s recommendations, much of which was well underway at the time of the inspection. This includes an agency-wide technology modernization programme.”
The NCA’s commitment to addressing these critical issues is essential for improving its operational readiness and enhancing its ability to combat serious and organized crime in the United Kingdom. As the agency moves forward with its modernization efforts, the outcome of these initiatives will be closely monitored by stakeholders and the public alike.
